Introduction
Root user or as we commonly say super user (privileged user) is the most dangerous user in our environment because of its powerful capabilities and authority, in fact there is no rule applied on the root user because simply it can neglect or delete any rule.
And as a result, experts advise not to log in as the root user to avoid any potential attacks that may happen and exploit the system, and of course with these privileges the harm will be inevitable.
One would ask, how can we use the commands that would need a certain privilege that exceeds the normal user?!
It`s a good legit question, and the answer is we grant the user to run commands with the root privileged via the sudo command by adding the user to wheel group.
wheel group
The wheel group is a special user group on some Unix systems that controls access to the su command, which allows a user to operate as another user (usually the super user), thus those who can use the super privilege are the sudoers.
Now to the main part, what if you forgot your root password or it got compromised?!!
To reset your root password in red hat Linux, you can try the following.
- If you log in as the root user itself but want to reset the password
Prerequisite
- You are able to log in or run the shell as root
Simply run the passwd command to change the password
Now, log out and sign in again with the new password to confirm the change
- If you log in as a sudoer user that exists in the wheel group
Prerequisite
- You are able to log in as a non-root user
- You are a member of wheel group
Our user is not a wheel user yet
So, to add a user to the wheel group, do the following
As we can see that unixcop now member of wheel group and can run commands that need super privileges
Here e are in unixcop user
At the time we can reset the root password via our normal user but must run the command started with sudo
The command executed perfectly, as a result the root password changed
Sign in to the root account with the new password so you confirm the change
- If you log in as a non-privileged user
Prerequisite
- You are able to log in as a non-root user
If you tried to reset the root password as a normal user it will fail, not only but report your failure attempt.
The Redhat Official Solution
When you forgot root password centos 8 do the Following
Reboot your system then on the GRUB screen press e key
Press ctrl+e to jump to the end of the text then write rd.breake after the word quite
Press ctrl+x to start the system in the emergency mode
The file system is mounted as read-only in the /sysroot directory. Remounting the file system as writable allows you to change the password.
To enter the chroot environment which allows you to change the root password
Now you can reset the password simply by running passwd command
The root password successfully changed
Final step is to create a file with the name autorelabel to enable the SELinux relabeling process on the next boot
exit the chroot environment and exit the switch_root prompt
And wait for the relabeling and for the system to reboot
To verify the process try to login as the root (not recommended) or run the shell as root and enter the newly created password
Command
Conclusion
Root user is a very powerful yet a dangerous user due to its capabilities and privileges.
You must limit the access to this user by not log in as root as much as possible.
Password of the root user must be protected in a manner way, if this password got compromised you can reset it by the proper tools as we explained in our article.